Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Realtek Semiconductor' = '%APPDATA%\Microsoft\Internet Explorer\RtkAudioService64.exe'
- %APPDATA%\Microsoft\Internet Explorer\RtkAudioService64.exe
- 'eq#####xpansao.com.br':80
- 'www.dm####tgearn.com':80
- 'al###i.scdl.net':80
- 'ib###p.com.br':80
- http://www.dm####tgearn.com/plugin/index.php
- http://eq#####xpansao.com.br/portal1/plugins/system/debug/recaptcha/index.php
- http://ib###p.com.br/plugins/system/debug/recaptcha/index.php
- http://al###i.scdl.net/scdlalumni/images/banners/count/b/contador.php
- DNS ASK eq#####xpansao.com.br
- DNS ASK www.dm####tgearn.com
- DNS ASK ib###p.com.br
- DNS ASK al###i.scdl.net
- DNS ASK www.go##e.com